glycoengineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.72). The skill’s runtime workflow can ingest outsider-authored free text via external web/API content—e.g., it calls GlyConnect’s API (query_glyconnect / get_glycoprotein_info) and potentially other public services (NetOGlyc/GlyTouCan), whose returned JSON/text is not authored by the operating user and may be included in the agent’s LLM context.